SPECS Project Secure Provisioning of Cloud Services based on SLA Management. SPECS Overview


1 SPECS Project Secure Provisioning of Cloud Services based on SLA Management SPECS Overview

2 Outline
- Introduction
- Project
- Challenges
- Security SLAs
- Mission
- Results
- Security SLA
- Security Metric Catalogue
- Framework
- Solution Portfolio
- SPECS
- Models
- Process
- Framework
23/02/16 1st Workshop DPSP - Napoli

3 SPECS Project
- CeRICT, Italy (coordinator)
- TUD, Germany
- IeAT, Romania
- CSA, United Kingdom
- XLAB, Slovenia
- EISI, Ireland
FP7-ICT
- Project Start: 1/11/2013
- Project Type: STREP
- Duration: 30M
- Total Funding: 3.5 M
- EU Contribution: 2.4 M

4 Cloud Security Challenges
- CSP Security Assessment
  - I made a risk assessment; does my CSP offer all the controls I need to meet my security requirements?
- Comparison of security offered by CSPs
  - Many CSPs offer the same functionalities at different costs; how does the security change from one to another?
- Monitoring CSP Security
  - My CSP guaranteed that it is applying a lot of security controls; how can I verify that this is true? If a security breach happens, how can I be aware of it?
- Data Protection
  - Do I comply with all data protection regulation? Is my privacy respected?

5 Security Service Level Agreements
Security SLAs are contracts between CSPs and CSCs regulating the security level guaranteed over provisioned services.
Open Challenges:
- identification and representation of security attributes
- quantification of the security level
- continuous monitoring of the fulfillment of the SLAs
- automated enforcement

6 SPECS Mission
SPECS aims at using Security SLAs to:
- negotiate security between CSC and CSP, enabling customers to compare CSPs and CSPs to offer security addressing customer-specific needs;
- automatically enforce security on services delivered to CSCs according to their requirements;
- enable both CSCs and CSPs to monitor security levels and react when security is violated.

7 SLA-based cloud Services
- Negotiate: Agree on Security Controls and Metrics
- Implement: Activate Security Mechanism
- Monitor: Collect Security Metrics measurement
- Remediation: Identify Violation and apply remedies
- Renegotiate: Change SLA terms

8 SPECS Model
[Figure: SPECS Model. Actors: Customer, Developer, SPECS Owner, CSP. Labels: Use Cloud Service, Develop, Manage, Broker & Configure.]

9 SPECS Framework
[Figure: SPECS Framework. Labels: SPECS Application, Customer, Developer, SPECS Owner, Monitoring, Negotiation, Enforcement, SLA Platform, Enabling Platform.]

10 Results: Security SLA Model
- A Security SLA model and its machine-readable format, made according to state-of-the-art standards (ISO 19086, WS-Agreement, ...)
- Security SLA usable according to standard risk modeling processes
- Security SLA containing standard and measurable security metrics to offer guarantees (easy for Providers and verifiable by Customers)

11 Security SLA Model
[Figure: Security SLA Model. Labels: Declarative, Measurable.]

12 Results: Security Metric Catalogue
- A Catalogue of security metrics represented according to the latest NIST/ISO standards
- More than 20 security metrics defined in SPECS
- More than 160 security metrics collected from other projects and standard bodies and represented according to SPECS model

13 Results: SPECS Framework

14 Results: SPECS portfolio
- Secure Web Container
  - A PaaS offering Web servers preconfigured with TLS, protected against DoS and enriched with Software Vulnerability Assessment
- STAR Watch
  - Evaluate and compare CSPs using CSA STAR Repository
- E2EE
  - A Storage Service protected with E2E Encryption
- ViPR+SPECS
  - A CSP datacenter offering Security SLA on top of EMC ViPR solution

15 SPECS impact goals
- Support Private and Public Cloud Providers to enhance the security of their service under a signed Security SLA
- Support small Private Cloud Providers (the majority in Europe) to offer more security that is negotiable with customers (more flexibility than big CSPs)
- Improve customers' trust in the Cloud

16 Questions? References: SPECS:


More information

hybrid cloud for science Kickoff Phase 3 Pilot FeBRUARY, 6 th / 7 th 2018 Team T-Systems/Huawei/Cyfronet/Divia

hybrid cloud for science Kickoff Phase 3 Pilot FeBRUARY, 6 th / 7 th 2018 Team T-Systems/Huawei/Cyfronet/Divia hybrid cloud for science Kickoff Phase 3 Pilot FeBRUARY, 6 th / 7 th 2018 Team T-Systems/Huawei/Cyfronet/Divia Helix Nebula Science CLOUD Vision T-Systems Helix nebula will be the leading european hybrid

More information

Use of data processor (external business unit)

Use of data processor (external business unit) Published with the support of: Code of conduct for information security www.normen.no Use of data processor (external business unit) Supporting document Fact sheet no 10 Version: 4.0 Date: 12 Feb 2015

More information

Amazon S3 Cloud-storage Service

Amazon S3 Cloud-storage Service On the Network Performance of Amazon S3 Cloud-storage Service Valerio Persico*, Antonio Montieri, Antonio Pescapè*, *University of Napoli Federico II (Italy) NM2 srl (Italy) IEEE CloudNet 2016 Pisa, Italy,

More information

ENISA & Cybersecurity. Steve Purser Head of Technical Competence Department December 2012

ENISA & Cybersecurity. Steve Purser Head of Technical Competence Department December 2012 ENISA & Cybersecurity Steve Purser Head of Technical Competence Department December 2012 Agenda Protecting Critical Information Infrastructure Input to EU & MS Cyber Security Strategies Assisting Operational

More information

ITIL Foundation. PeopleCert ITIL Foundation. Processexam.com. Exam Summary Syllabus Questions

ITIL Foundation. PeopleCert ITIL Foundation. Processexam.com. Exam Summary Syllabus Questions ITIL Foundation PeopleCert ITIL Foundation Processexam.com Exam Summary Syllabus Questions Table of Contents Key to success in ITIL Foundation Exam on PeopleCert ITIL Foundation... 2 PeopleCert ITIL Foundation

More information

IBM Sterling B2B Services File Transfer Service

IBM Sterling B2B Services File Transfer Service Service Description IBM Sterling B2B Services File Transfer Service This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients

More information

Cloud Customer Architecture for Securing Workloads on Cloud Services

Cloud Customer Architecture for Securing Workloads on Cloud Services Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,

More information

Data Processing Clauses

Data Processing Clauses Data Processing Clauses The examples of processing clauses below are proposed pending the adoption of standard contractual clauses within the meaning of Article 28.8 of general data protection regulation.

More information

Site Builder Privacy and Data Protection Policy

Site Builder Privacy and Data Protection Policy Site Builder Privacy and Data Protection Policy This policy applies to the work of the Third Age Trust s Site Builder Team. The policy sets out the approach of the Team in managing personal information

More information

ITIL 2011 Overview - 1 Day (English and French)

ITIL 2011 Overview - 1 Day (English and French) ITIL 2011 Overview - 1 Day (English and French) Course Overview ITIL is a set of best practices guidance that has become a worldwide-adopted framework for IT Service Management (ITSM) by many Public &

More information

The IECEx Ticket to Global Markets

The IECEx Ticket to Global Markets The IECEx Ticket to Global Markets Extract from the tutorial at PCIC Europe 2008 Rudolf Pommé KEMA Quality NL Karel Neleman BARTEC NL With special thanks to co-authors: Mario Colpa BACAB CH Frédérique

More information

The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017

The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017 The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017 European Union Agency for Network and Information Security Positioning ENISA

More information

Fintech District. The First Testing Cyber Security Platform. In collaboration with CISCO. Cloud or On Premise Platform

Fintech District. The First Testing Cyber Security Platform. In collaboration with CISCO. Cloud or On Premise Platform Fintech District The First Testing Cyber Security Platform In collaboration with CISCO Cloud or On Premise Platform WHAT IS SWASCAN? SWASCAN SERVICES Cloud On premise Web Application Vulnerability Scan

More information

An Intelligent Service Oriented Infrastructure supporting Real-time Applications

An Intelligent Service Oriented Infrastructure supporting Real-time Applications An Intelligent Service Oriented Infrastructure supporting Real-time Applications Future Network Technologies Workshop 10-11 -ETSI, Sophia Antipolis,France Karsten Oberle, Alcatel-Lucent Bell Labs Karsten.Oberle@alcatel-lucent.com

More information

BHConsulting. Your trusted cybersecurity partner

BHConsulting. Your trusted cybersecurity partner Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised

More information

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains

More information

Improve testing for customer services and service management

Improve testing for customer services and service management Improve testing for customer services and service management Shirley Lacy www.connectsphere.com Material Copyright ConnectSphere Limited 2013 1 Topics Introduction ITIL concepts for service design and

More information

Cloud First Policy General Directorate of Governance and Operations Version April 2017

Cloud First Policy General Directorate of Governance and Operations Version April 2017 General Directorate of Governance and Operations Version 1.0 24 April 2017 Table of Contents Definitions/Glossary... 2 Policy statement... 3 Entities Affected by this Policy... 3 Who Should Read this Policy...

More information

Your Trusted Partner in Europe European Business Reliance Centre

Your Trusted Partner in Europe European Business Reliance Centre Your Trusted Partner in Europe European Business Reliance Centre Fit4Exchange 23 Septembre 2015 ebrc.com 24/09/2015 Public 1 EBRC -European Business Reliance Centre Our vision: To be the Centre of Excellence

More information